Uncovering IoT Threats in the Cybercrime Underground

Amid the growth of the internet of things (IoT), manufacturers and integrators are testing the limits of how the technology can be applied, as seen in how new forms of connected devices are hitting the market. Some applications play critical Read More …

How Threat Intelligence Helps the Energy Sector Fight Cyberespionage

When it comes to cyber threats, some industries have it harder than others. Few are as heavily targeted by sophisticated cyberattacks as the energy sector. Over the last decade, state-sponsored hacking groups have routinely targeted utility networks and other energy providers for Read More …

Cyberattacks against industrial targets have doubled over the last 6 months

Cyberattacks designed to cause damage have doubled in the past six months and 50 percent of organizations affected are in the manufacturing sector, researchers say. On Monday, IBM’s X-Force IRIS incident response team published new research based on recent cyberattacks they have Read More …

Nation-State APTs Target U.S. Utilities With Dangerous Malware

Researchers believe that nation-state actors are behind several spearphishing campaigns targeting U.S. utility companies with a newly-identified malware, which has the capabilities to view system data and reboot machines. Lure emails were sent to three U.S. utilities companies between July Read More …

TRISIS Group, Known for Physical Destruction, Targets U.S. Electric Companies

XENOTIME, a destructive APT linked to Russia, has broadened its target set beyond Middle East oil and gas. XENOTIME, the APT group behind the TRISIS industrial control system (ICS) event, has expanded its focus beyond the oil and gas industries, Read More …

4 Stuxnet-Related APTs Form Gossip Girl, an ‘Apex Threat Actor’

The infamous Stuxnet family of industrial sabotage malware is likely the work of a mysterious “supra-group” that Chronicle researchers Juan Andres Guerrero Saad and Silas Cutler have dubbed Gossip Girl; and it’s a group that turns out to be larger Read More …

Study Highlights ‘Relentless’ Attacks On Critical Infrastructure

Cyber-attacks on critical infrastructure are “relentless and continuous”, with successful attacks often taking systems offline, a new study has found. The study by the Ponemon Institute, based on a survey of 701 security professionals in seven countries, including the UK, found that Read More …

Industrial Network Switches Rife with Vulnerabilities

Industrial switches used to build networks in the oil and gas and maritime logistics sectors, as well as broader critical national infrastructure (CNI) are rife with security vulnerabilities, according to cybersecurity company Positive Technologies. The Framingham, Massachusetts-based company said it had identified Read More …

Security alert for vulnerabilities in Siemens PLCs

Siemens has issued a security alert about the company’s Simatic S7-1500 programmable logic controllers (PLCs) after security researchers at Positive Technologies reported “serious vulnerabilities” that exposed industrial processes to denial-of-service (DoS) attacks. The researchers warn that, left unpatched, the vulnerabilities can be exploited by cyber Read More …

Siemens Patches Firewall Flaw That Put Operations at Risk

The industrial company on Tuesday released mitigations for eight vulnerabilities overall. Siemens AG on Tuesday issued a slew of fixes addressing eight vulnerabilities spanning its industrial product lines. The most serious of the patched flaws include a cross-site scripting vulnerability Read More …